There are no virtual classes on the schedule in your country.There are no public classes currently scheduled in your country. View our global class scheduleThis course is available in private, mentoring or e-learning options.

Complete this form, and a Training Advisor will be in touch with you shortly to address your training needs.

Course Description

This course prepares you to be a more effective security administrator as you gain experience and confidence in using the RACF component of the z/OS Security Server. To reinforce lectures, the course offers hands-on exercises where you use the RACF component of the z/OS Security Server to define users, set up group structures, define general resources, protect z/OS data sets, and use several RACF utilities.

Objectives

Identify the security requirements of a system

Evaluate the facilities and options of RACF

Define users to RACF

Set up a RACF group structure

Use RACF to protect resources

Select options to tailor RACF

Evaluate and implement RACF database and performance options

Identify tools available for auditing

Administer the system so that it is consistent with the installation's security goals

Audience

This intermediate course is for people who are new to the RACF component of the z/OS Security Server, and responsible for security administration. This includes people who are planning to implement RACF for the first time, and people who are security administrators in installations where RACF is already implemented. Those inexperienced z/OS users might find the course Basics of z/OS RACF Administration (ES19) more appropriate.

Anyone planning to implement the advanced features of RACF should consider attending Implementing RACF Security for CICS (ES84), and Exploiting the Advanced Features of RACF (ES88)

Prerequisites

You should be familiar with the facilities of the system, logging on to TSO and using ISPF. A knowledge of resources like data sets, DASD volumes, and programs is required to get the most benefit from the course. This knowledge might be obtained by attending Fundamental System Skills in z/OS (ES10), or consider taking Basics of z/OS RACF Administration (ES19) instead of this course. ES19 spends the first day covering these prerequisites and provides a more basic understanding of RACF than Effective RACF Administration (BE87).

You might also find it beneficial to attend z/OS Security Server RACF, Implementation and Customization (SZ81) to learn the implementation and customization of the z/OS security server RACF.

Topics

Day 1

Welcome

Unit 1 - Security and RACF overview

Unit 2 - Administering groups and users

Exercise 1 - Log on to the lab system

Exercise 2 - Defining a RACF group structure

Exercise 3 - User administration

Day 2

Exercise review

Unit 2 - Administering groups and users (continued)

Exercise 4 - Delegating security administration

Unit 3 - Protecting z/OS data sets

Exercise 5 - Protecting z/OS data sets: Part 1

Day 3

Exercise 5 - Protecting z/OS data sets: Part 1 (continued)

Exercise 6 - Protecting z/OS data sets: Part 2 Exercise review

Unit 4 - Introduction to user administration and delegation and general resources

Exercise 7 - Password reset granularity

Unit 5 - RACF database, tables, and performance options

Day 4

Unit 6 - RACF utilities and exits

Unit 7 - RACF options

Unit 8 - Auditing the RACF environment

Exercise 8 - Using RACF for TSO administration (Optional)

Exercise 9 - RACF utilities (Optional)

Exercise 10 - RACF monitoring

Day 5

Exercise review

Unit 9 - Storage management and RACF

Unit 10 - Security for JES facilities

Unit 11 - Security classification

Badges

When you complete the Instructor-Led version of this course, you will be eligible to earn an IBM Training Badge that can be displayed on your website, business cards and social media channels to demonstrate your mastery of the skills you learned here.